<?php
require_once('App-Top.php');
require_once('Cookie-Handler.php'); //// Only Activate in UNProtected Area
////require_once('Authorizer.php'); //// Only Activate in Protected Area
require_once('FEFunctions.php');
//// LogIn.php
//// This is the Log In page for the WOG site.

//Check whether the session variable SESS_USER_EMAIL_FE_ID is present or not
if (isset($_SESSION['SESS_USER_EMAIL_FE_ID'])) {
    //Check whether the session variable SESS_USER_EMAIL_FE_ID is valid or not
    if (isValid('email', $_SESSION['SESS_USER_EMAIL_FE_ID'])) {
        // User alredy logged in. Show Member Info
        header("Location: MemberInfo.php");
        exit();
    }
}

//// Set Page Title
$page_title = 'Login -  Whiff Of Grape';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
        <title><?php echo $page_title; ?></title>
        <style type="text/css" media="screen">@import url(style.css);</style>
    </head>

    <body>
        <div id="bigWrapper">

            <div id="wrapper">

                <div id="header">
                </div>

                <div id="sidebar">

                <?php
                require_once('MenuLeft.php');
                ?>

                </div>

                <!-- End of Header & Start Content -->

                <div id="body">

                    <div id="entryTitlePage"><?php echo $page_title; ?></div>

                     <!-- TODO: CSS Passw Form class="???" -->
                    <form id="loginF" name="loginF" method="POST" action="LogIn.php" class="frontEnd01">
                        <fieldset>

                            <legend>Login using your Email and Password</legend>

                            <ul>

                                <li>
                                    <label title="Email" for="email">Email</label>
                                    <input name="email" type="text" id="email"  size="30" maxlength="40" value="<?php if (isset($_POST['email'])) { echo $_POST['email']; } ?>" />
                                </li>

                                <li>
                                    <label title="Password" for="passw">Password</label>
                                    <input name="passw" type="password" id="passw"  size="30" maxlength="40" />
                                </li>
                                <li>
                                    <label title="CheckRemember" for="checkRememberMe">Remember Me?</label>
                                    <input class="ClickCheckBox" type="checkbox" id="checkRememberMe" name="checkRememberMe" value="RememberYes"/>
                                </li>

                            </ul>

                            <input class="ButtonSubmit" type="submit" name="SubmitLogin" value="Login" />

                            <input type="hidden" name="SentLogin" value="TRUE" />
                            
                        </fieldset>
                    </form>

                     
                <?php


                // TODO: Create Cookie Log In

                    //// Form was Submitted
                    if (isset($_POST['SentLogin']))
                    {
                        require_once(MYSQL);
                        require_once(STATEM_MYSQL);
                        require_once('FEFunctions.php');

                        $emailLogin = heal($_POST['email']);
                        $emailLogin = clean($emailLogin, $dbc);

                        $passwLogin = heal($_POST['passw']);
                        $passwLogin = clean($passwLogin, $dbc);

                        //// Validate Email
                        if (isValid('email', $emailLogin))
                        {
                            if(isValid('password', $passwLogin))
                            {
                                //// Check for the existence of that email address
                                $q = sprintf($Q_EmailNamePaid_EmailPassw_Login, $emailLogin, $passwLogin);
                                $r = mysqli_query($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));

                                if (mysqli_num_rows($r) == 1)
                                {
                                    //Login Successful
                                    session_regenerate_id();
                                    $member = mysqli_fetch_array ($r, MYSQLI_ASSOC); 
                                    $_SESSION['SESS_USER_EMAIL_FE_ID'] = $member['Email'];
                                    $_SESSION['SESS_USER_PAID_FE_ID'] = $member['Paid'];
                                    $_SESSION['SESS_USER_FNAME_FE_ID'] = $member['FirstName'];


                                    if(isset($_POST['checkRememberMe']) && $_POST['checkRememberMe'] == 'RememberYes')
                                    {
                                        // Create Cookie - Clear Every 6 Months
                                        setcookie('wog_cookie_SESS_USER_EMAIL_FE_ID', $member['Email'], time() + 60*60*24*30*6 );
                                    }


                                    //Free Result and DB
                                    mysqli_free_result($r);
                                    mysqli_close($dbc);

                                    session_write_close();
                                    header("Location: MemberInfo.php");
                                    exit();
                                }
                                else
                                {
                                    //// No database match made.
                                    mysqli_free_result($r);
                                    echo '<p class="error">Either the email or password entered do not match those on file or your account is not active!</p>';
                                }
                            }
                            else
                            {
                                //// No Password!
                                echo '<p class="error">You forgot to enter your email address/password or the email address is incorrect!</p>';
                            }
                        }
                        else
                        {
                            //// No Email!
                            echo '<p class="error">You forgot to enter your email address/password or the email address is incorrect!</p>';
                        }
                        mysqli_close($dbc);
                    }
                ?>

                </div> <!-- Closes body -->
                <!-- End of Content & Start Footer -->

                    <div id="footer">

                    <?php
                    //// Includer Footer
                    include ('footer.php');
                    ?>

                    </div>

                </div> <!-- Closes Wrapper -->
            </div> <!-- Closes bigWrapper -->
        </body>
    </html>
<?php
require_once('App-End.php');
?>

<!-- Designed & Developed By Jose Trujillo (2011) -->